This week’s highlighted project is one of the newest additions to the CNCF. Last week at KubeCon + CloudNativeCon 2021, the foundation announced that its Technical Oversight Committee had voted to accept Cilium as an incubating project.
Cilium provides networking, security, and observability for cloud native environments. It also provides load balancing between application workloads.
It makes use of the Linux technology eBPF. Cilium supports dynamic insertion of eBPF bytecode at various integration points of the Linux kernel, including network IO, application sockets, and tracepoints.
The project consists of multiple components that can function independently of each other, enabling users to pick and choose functionality or run Cilium alongside other container network interfaces (CNIs). The components include:
- An agent that runs on Kubernetes worker nodes and servers and provides the core eBPF platform
- The CNI plugin that enables Cilium to be used for networking in Kubernetes clusters and other orchestration systems that rely on the CNI specification
- An observability component called Hubble that provides network and security logs, metrics, tracing data, and graphical user interfaces
- ClusterMesh, which provides connectivity, service discovery, network security, and observability across clusters and workloads
- A load balancer that either runs in the cluster and implements Kubernetes services or runs on its own to provide north-south load balancing in front of Kubernetes clusters.
The project is used by a number of large organizations already, including Adobe, Capital One, GitLab, and Yahoo. In addition, Alibaba, AWS, DigitalOcean, and Google Cloud all use it as a CNI plugin for their managed cloud and on-premises Kubernetes platform.
According to the CNCF, some notable stats for the project are that it has over 9,000 GitHub stars, over 12,000 pull requests, and 342 contributors.
Future releases of Cilium will add capabilities such as OpenTelemetry support, L7 load balancing support, advanced IPAM modes, multi-homing, service changing, enhanced support for external workloads, more identity integrations, deeper workload visibility, and continued focus on identity-based enforcement.
“eBPF allows programs in the kernel to run without kernel modules or modifications,” said Chris Aniszczyk, CTO of CNCF. “It is enabling a new generation of software to extend the behavior of the kernel. In the case of Cilium, it provides sidecar less high-performance networking, advanced load balancing, and more. We’re excited to welcome more eBPF-based projects into the cloud native ecosystem and look forward to watching Cilium help grow the eBPF ecosystem.”